August 7, 2017 by

New Cybersecurity Guidelines for Smart Cars issued by the UK government

New cybersecurity guidelines for smart cars were issued by the UK government. The British government has issued a new set of guidelines on Sunday for automakers to incorporate cybersecurity as a priority into their designs of internet-connected vehicles. All internet connected vehicles to drive on the streets need to be better protected against hackers. The Department of Transport and Centre for the Protection of National Infrastructure (CPNI) development eight principles for automakers to follow when making connected cars. UK Transport Minister Lord Callanan said that the number of autonomous and connected vehicles increase on the streets of Britain, guidlines should be put in place to protect consumers. Callanan stated:

“Our cars are becoming smarter and self-driving technology will revolutionise the way in which we travel. Risks of people hacking into the technology might be low, but we must make sure the public is protected.

Whether we’re turning vehicles into wifi connected hotspots or equipping them with millions of lines of code to become fully automated, it is important that they are protected against cyber-attacks.”

The eight principles are:

  • Principle 1: Organizational security is owned, governed and promoted at board level
  • Principle 2: Security risks are assessed and managed appropriately and proportionately, including those specific to the supply chain
  • Principle 3: Organizations need product aftercare and incident response to ensure systems are secure over their lifetime
  • Principle 4: All organizations, including sub-contractors, suppliers and potential 3rd parties, work together to enhance the security of the system
  • Principle 5: Systems are designed using a defense-in-depth approach
  • Principle 6: The security of all software is managed throughout its lifetime
  • Principle 7: The storage and transmission of data is secure and can be controlled
  • Principle 8 – The system is designed to be resilient to attacks and respond appropriately when its defenses or sensors fail

The guidelines will force engineers to design vehicles around cyber security threats. All well as, incorporate systems that have the ability to withstand receiving corrupt, invalid, or malicious data. It will also give its users the power to delete personal data from the car’s systems. McAfee chief scientist, Raj Samani said “Driverless vehicles must be secure by design, and the government’s new guidelines will undoubtedly play a key role in ensuring that UK car manufacturers make that happen.”

Mark Noctor, VP EMEA at Arxan Technologies has stated: “A major cyber-attack on connected vehicles would take a terrible toll on human life, so the security guidelines published by the UK Government on Sunday are an important step in securing this emerging technology.” With the issue of the new guidelines the UK government will continue to work alongside the auto industry to ensure vehicles are protected.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Fake SWIFT Service Emails Delivers Adwind Remote Access Trojan

An email phishing campaign has attempted to infect unsuspecting victims with the Adwind...

Read more arrow_forward

Tesla’s Cloud Account Hacked to Mine Cryptocurrency

Tesla’s cloud environment has been exploited by hackers who used the computational power to mine...

Read more arrow_forward

Snapchat Phishing Attack Swipes Credentials of Over 50,000 USers

Details have emerged on a phishing attack which saw hackers steal the credentials of over 50,000...

Read more arrow_forward